Preparing For A Cybersecurity Attack: Is Compromise Inevitable?

Posted by Craig McDonald on 20 September 2021 13:32:31 AEST

Compromise can happen to anyone. It’s no longer a case of ‘If a cyberattack hits my business’ but ‘A cyberattack will hit my business’. We have come a long way from the thinking that only certain types of businesses (or business functions) could be the recipient of a cyberattack. Most security professionals now assume that a breach is inevitable and prepare accordingly.

Read More

PayPal Users Beware: Fake Emails Claiming, ‘Your Account Has Been Limited’ Landing in Inboxes

Posted by MailGuard on 16 September 2021 13:52:32 AEST

PayPal users should be watchful before opening or responding to any generic emails advising of a ‘limit’ being placed on their account, as it is most likely a devious attempt by scammers to get a hold of account and credit card information. Many of us rely on PayPal, (approximately 392 million, in fact) as a trusted way to make and receive payments, with 29 million active merchants using the service to run their online businesses, particularly in the current pandemic influenced times. This is not the first time that MailGuard has intercepted a scam spoofing the popular global payment provider, with the rise of online shopping and ease of use from various, perhaps, unsecured devices, providing a vantage point for criminals.

Read More

CBA NetBank Customers Beware of Fake ‘Financial Statement’ Email Alert

Posted by MailGuard on 14 September 2021 18:18:26 AEST

Millions of Commonwealth Bank NetBank customers are at risk of having their details stolen via the latest phishing email intercepted by MailGuard. This is the second time in the last month that scammers have purported to be the bank, one of Australia’s largest financial institutions, in an attempt to lure unsuspecting victims into providing sensitive data, such as customer account information and credit card details for credential harvesting purposes. Cybercriminals often imitate financial institutions due to their large customer base, trusted name, and the plethora of data at hand.  

Read More

Expecting a Parcel? Stay Cautious, Australia Post Phishing Scam Circulating

Posted by MailGuard on 09 September 2021 13:39:16 AEST

An email phishing scam purporting to be from Australia Post has been intercepted by MailGuard. There has been an increase in parcel deliveries due to the lockdowns and COVID restrictions currently happening Australia-wide, and cybercriminals are taking advantage of expectant recipients by using email phishing scams from commonly used delivery services such as DHL and Australia Post to secure sensitive details for credential harvesting purposes. It’s important that email users remain extra cautious before opening any emails pertaining to deliveries, particularly one’s that you are not expecting. Levels of anticipation may be further heightened by recent delays resulting from AusPost workers in COVID isolation 

Read More

Password Best Practise: A Must-Have Layer of Cyber Defense

Posted by Craig McDonald on 25 August 2021 13:19:46 AEST

We all use passwords. In fact, we need them to access almost any online device. They are the key to retrieving sensitive data, whether it be online banking, classified company documents or social profiles, such as LinkedIn. They’re the first line of defense to protect crucial information, and often the most vulnerable. It’s not surprising then, that cybercriminals often create phishing scams to steal password credentials in order to procure data for use in criminal activity.

Read More

To Pay a Ransom? The Debate Rages On

Posted by Craig McDonald on 02 August 2021 16:53:33 AEST

As I write this, the threat of Ransomware is rapidly on the rise. So much so that the Australian Federal Police has formed a task force - Operation Orcus - following in the footsteps of the US Government, in an attempt to combat the specialised criminal infrastructure that is wreaking havoc across large scale organisations here and globally. High profile victims such as Nine Entertainment, JBS and Uniting Care, along with the recent Kaseya interception have been making headlines and may continue to do so without superior intelligence targeting organised crime groups.  

Read More

Double Whammy: The Latest Phishing Scam Uses your ‘IT Support’ team to Install Malware

Posted by MailGuard on 29 July 2021 13:39:42 AEST

The latest phishing alert sees scammers impersonate the IT department of the targeted organisation in an attempt to steal email credentials and install a malicious file onto the victim’s computer.  Attackers have interestingly used a fake email address from American multi-national and shipping services company FedEx as the trusted name to lure victims into providing their details.  

A notable characteristic of this attack is the scammer's ability to use the name of your company or organisation in order to facilitate the phishing attempt. By purporting to be the victims internal IT services, the email advises the receiver that they have been ‘deactivated’ from a service (actual service not specified) by not having updated their email address. The rectification for this is via downloading the attachment that will apparently assist in updating this information. The wording and instruction in this email, if not looked at closely, attempts to mislead the victim into thinking that their online capability may be deactivated if the instructions are not followed. An easy trap for those who cannot afford to not have access to their company’s internal tech systems (which is usually the whole organisation).  

Read More

Worth A Double-Take: False Email Quarantine Alerts from ‘Outlook’

Posted by MailGuard on 27 July 2021 14:54:10 AEST

This recent email attack threatens to steal user login credentials masquerading as trusted Microsoft email web app, Outlook. With over 400 million Outlook users globally, there is a good chance that you and your organisation are at risk of data theft.  

A fraudulent quarantine alert is the bait used for a recent email phishing scam currently being intercepted by MailGuard. Cybercriminals have used Outlook branding to trick unsuspecting recipients into entering their credentials (email username and password) for use in future criminal activity.  

The email arrives as an alert informing the victim of several emails whose delivery has been prevented due to system errors. After which, a link is provided to coerce the victim into reviewing the falsely quarantined emails. Recipients may be tricked into believing that the email is from the ‘Notifications Team’ however it appears to have come from a compromised Office 365 Account.  

Read More

‘Urgent Order’ email packing a nasty payload

Posted by MailGuard on 23 July 2021 14:56:19 AEST

In what may appear to be simply a misdirected email, users who click on the ‘Order0076654.xlsx’ attachment are in for a nasty surprise. The attachment is a malicious payload that could result in devastating consequences for the user and their business.

Read More

Telstra phishing email scam – “Your contract has been cancelled”

Posted by MailGuard on 14 July 2021 14:49:07 AEST

In the latest email phishing campaign landing in inboxes, telecommunications carrier, Telstra, is being impersonated by cybercriminals in an attempt to trick users into handing over sensitive credentials.

Read More

Caution: OneDrive & Outlook File-Sharing Email Phishing Campaign

Posted by MailGuard on 09 July 2021 14:22:37 AEST

Email users take care, MailGuard is intercepting a fraudulent file sharing email scam that uses a Microsoft OneDrive template and links to two different phishing pages, one of which employs Outlook OWA branding, and the other has branding for the recipient company. The campaign is designed to harvest sensitive user credentials that can be used in subsequent attacks and/or sold on the dark web.

Read More

USPS email scam – “Missing information and delivery fee”

Posted by MailGuard on 02 July 2021 18:41:20 AEST

MailGuard is currently intercepting a fraudulent USPS (US Postal Service) email scam with the subject line “Missing information and delivery fee, [your name] – Update your informations”.

Read More

Think before you click: Phishing email masquerades as new message alert from LinkedIn to trick users

Posted by Akankasha Dewan on 24 June 2021 18:42:36 AEST

MailGuard has intercepted a fraudulent email purporting to be from LinkedIn, a popular e-networking tool used by millions of professionals worldwide. This is a phishing email designed to harvest the confidential data of LinkedIn users for malicious intent, such as committing identity theft.

Read More

Watch Out: Phishing email sent from compromised account claims to share a ‘secure’ document via Microsoft SharePoint

Posted by Akankasha Dewan on 18 June 2021 12:28:20 AEST

Launching phishing email scams via compromised accounts continues to be a popular technique among cybercriminals looking to deceive users. MailGuard has intercepted a new phishing email scam that originates from a compromised email account belonging to a user at Anglican Care, an aged care facility.

Read More

The anatomy of a phishing email scam: How social engineering techniques trick users

Posted by Craig McDonald on 17 June 2021 16:19:05 AEST

A personalised and targeted email, an opportune offer and the impersonation of multiple brands – some of the techniques employed by cybercriminals in a phishing email scam that resulted in a property buyer losing thousands of dollars as part of a ‘deposit’, supposedly for his new apartment.

Read More

Something Powerful

Tell The Reader More

The headline and subheader tells us what you're offering, and the form header closes the deal. Over here you can explain why your offer is so great it's worth filling out a form for.

Remember:

  • Bullets are great
  • For spelling out benefits and
  • Turning visitors into leads.

Subscribe to email updates

Recent Posts

Posts by Topic

see all